RFR: 8352724: Verify bounds for primitive array reads in JVMCI [v2]
Doug Simon
dnsimon at openjdk.org
Mon Apr 14 14:43:04 UTC 2025
On Mon, 14 Apr 2025 14:32:52 GMT, Andrej Pečimúth <duke at openjdk.org> wrote:
>> This PR adds a bounds check for primitive array reads in JVMCI. When a JVMCI compiler attempts to read after the last array element (from the padding of the allocated object), JVMCI should throw an exception instead of returning a garbage value. The check added in this PR handles both primitive and object reads.
>
> Andrej Pečimúth has updated the pull request incrementally with one additional commit since the last revision:
>
> Test reads after last array element in JVMCI.
test/hotspot/jtreg/compiler/jvmci/jdk.vm.ci.runtime.test/src/jdk/vm/ci/runtime/test/TestConstantReflectionProvider.java line 148:
> 146: if (cv.boxed != null && cv.boxed.getClass().isArray()) {
> 147: JavaKind kind = metaAccess.lookupJavaType(cv.value).getComponentType().getJavaKind();
> 148: long offset = metaAccess.getArrayBaseOffset(kind) + (long) metaAccess.getArrayIndexScale(kind) * Array.getLength(cv.boxed);
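Review bot: in the lines shown, line 148 builds `offset` as the base offset plus the index scale times the array length, with nothing saying this is the first byte past the last element, so the reader has to work out which case the test targets. A one-line comment above it, or a name such as `offsetPastLastElement`, would make the intended out-of-bounds read explicit.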
If I understand correctly, this tests a read of an element one past the end of the array.
Can you please also add a test for a read that is partially out-of-bounds:
long offset = 1 + metaAccess.getArrayBaseOffset(kind) + (long) metaAccess.getArrayIndexScale(kind) * (Array.getLength(cv.boxed) - 1);
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24200#discussion_r2042298538
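The two offsets discussed in this review, run through a simple bounds predicate, as an added example that is not part of the original message and is not JVMCI's implementation. The class and method names, and the base offset 16 and index scale 4 for an `int[4]`, are constructed assumptions.

```java
// Added illustration: a model of the bounds rule, not JVMCI's own check.
public class ArrayReadBounds {

    // True only if all accessBytes bytes starting at offset fall inside the
    // element storage [baseOffset, baseOffset + indexScale * length).
    static boolean inBounds(long offset, int accessBytes,
                            long baseOffset, int indexScale, int length) {
        long end = baseOffset + (long) indexScale * length; // first byte past the last element
        // Compare against end - accessBytes so offset + accessBytes cannot overflow.
        return accessBytes > 0 && offset >= baseOffset && offset <= end - accessBytes;
    }

    static void report(String label, long offset, int accessBytes,
                       long base, int scale, int length) {
        System.out.printf("%-28s offset=%d -> %s%n", label, offset,
                inBounds(offset, accessBytes, base, scale, length) ? "in bounds" : "REJECT");
    }

    public static void main(String[] args) {
        // Constructed layout for an int[4]; real values come from
        // metaAccess.getArrayBaseOffset(kind) and metaAccess.getArrayIndexScale(kind).
        long base = 16;
        int scale = 4;
        int length = 4;

        // Last element: fully inside the array.
        report("last element", base + (long) scale * (length - 1), scale, base, scale, length);
        // Offset from the PR's test: one element past the end.
        report("one past the end", base + (long) scale * length, scale, base, scale, length);
        // Offset from the review comment: starts inside the last element,
        // but the final bytes of the read land past the end.
        report("partially out of bounds", 1 + base + (long) scale * (length - 1), scale, base, scale, length);
        // Empty array: there is no element storage, so a read at the base offset is rejected too.
        report("empty array, base offset", base, scale, base, scale, 0);
    }
}
```

A check that only compares the start offset against the end of the array accepts the partially out-of-bounds case; the access size has to be part of the comparison.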